CVE-2013-6198

HP Service Manager - XSS

Title source: rule

Description

Cross-site scripting (XSS) vulnerability in HP Service Manager WebTier and Windows Client 9.20 and 9.21 before 9.21.661 p8 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors.

References (3)

[Vendor Advisory] http://h20566.www2.hp.com/portal/site/hpsc/template.PAGE/public/kb/docDisplay/?docId=emr_na-c04052075

[Third Party Advisory, VDB Entry] https://exchange.xforce.ibmcloud.com/vulnerabilities/89975

[Third Party Advisory, VDB Entry] http://www.securitytracker.com/id/1029541

Scores

EPSS 0.0172

EPSS Percentile 82.3%

Details

CWE

CWE-79

Status published

Products (7)

hp/service_manager

hp/service_manager_web_client

hp/service_manager_web_tier

n/a/n/a

Published Dec 29, 2013

Tracked Since Feb 18, 2026